Develop Reference

Introscope 8.2.2 does not work with Java 7 - java-7

I recently upgraded to Java 1.7 patch 40. After this when i try to access introscope I get following error:
"Failed to validate certificate. The application will not be executed". The stack trace is:
sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: algorithm constraints check failed
at sun.security.validator.PKIXValidator.doValidate(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
at com.sun.javaws.Launcher.prepareResources(Unknown Source)
at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertPathValidatorException: algorithm constraints check failed
at sun.security.provider.certpath.PKIXMasterCertPathValidator.validate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.doValidate(Unknown Source)
at sun.security.provider.certpath.PKIXCertPathValidator.engineValidate(Unknown Source)
at java.security.cert.CertPathValidator.validate(Unknown Source)
... 21 more
The introscope version i am using is 8.2.2. Is there a way to configure introscope to work with JRE 7?
What are the solutions I can consider? Why would not introscope work with JRE 7?
Thanks for your help.

I found this answer on CA forum, (but the page is no more available...):
http://docs.oracle.com/javase/7/docs/technotes/guides/security/certpath/CertPathProgGuide.html#AppB
--- excerpted from above link ---
Starting from JDK 7u40 release, the default value of jdk.certpath.disabledAlgorithms is as follows:
jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
This means that no signature algorithm involving MD2 will be used to verify a certificate. And use of certificates with RSA key size of less than 1024 bits in length is restricted.
--- excerpted from above link ---
The java.security file is located in your client machine's Java/JRE installed directory (jre/lib/security/java.security).
In Java 1.7.0_40 the java.security by default has this setting:
jdk.certpath.disabledAlgorithms=MD2, RSA keySize < 1024
Changing the 1024 to 256 will solve the issue.

Run Java's ContolPanel and reduce your security settings.
Caveat -- this setting applies to all applets and Java Web Start (jnlp) applications.

Related

I'm trying to build pact-workshop-Maven-Springboot-JUnit5/tree/step1 but getting this error when I run command "mvnw verify":
C:\Users\MyUser\git\pact-workshop-Maven-Springboot-JUnit5\consumer>mvnw verify
Found "C:\Users\MyUser\git\pact-workshop-Maven-Springboot-JUnit5\consumer\.mvn\wrapper\maven-wrapper.jar"
JRE being used (logged by my modification in mvnw.cmd): "C:\Program Files (x86)\Java\jre7\bin\java.exe"
Takari Maven Wrapper 0.5.6
Downloading Maven binary from https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
Downloading https://repo.maven.apache.org/maven2/org/apache/maven/apache-maven/3.6.3/apache-maven-3.6.3-bin.zip
Exception in thread "main" javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at org.apache.maven.wrapper.DefaultDownloader.downloadInternal(DefaultDownloader.java:90)
at org.apache.maven.wrapper.DefaultDownloader.download(DefaultDownloader.java:76)
at org.apache.maven.wrapper.Installer.createDist(Installer.java:72)
at org.apache.maven.wrapper.WrapperExecutor.execute(WrapperExecutor.java:121)
at org.apache.maven.wrapper.MavenWrapperMain.main(MavenWrapperMain.java:61)
I've already added the certificate of Maven Repo to the cacerts file "C:\Program Files (x86)\Java\jre7\lib\security\cacerts". Here is its entry in cacerts:
C:\WINDOWS\system32>"C:\Program Files (x86)\Java\jre7\bin\keytool.exe" -list -keystore "C:\Program Files (x86)\Java\jre7\lib\security\cacerts"
Enter keystore password:
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 79 entries
apachemaven, 14.Eyl.2022, trustedCertEntry,
Certificate fingerprint (SHA1): 5E:9A:A9:4B:5A:8A:1C:31:DB:1F:B5:E6:CF:E4:4D:B1:4C:AE:2F:5F
What am I missing?

Maven Central repository support only TLS 1.2 - more info
By the way mentioned project require JDK 1.8, so you must use JDK 1.8 at least - not 1.7.
With JDK 1.8 your problem will disappear.

I want to use BouncyCastle provider in JDK7, so added bcprov-jdk15to18-165.jar and want to do encryption using x509certificate I have but,
I am getting this error in IBM WebSphere even if I have updated policy files in jre from here
https://www-01.ibm.com/marketing/iwm/mrs/DownloadList?source=jcesdk&lang=en_US
I downloaded unrestricted policy files.
Still I am getting this error:
Exception in thread "main" java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:250)
at javax.crypto.Cipher.getInstance(Unknown Source)
at javax.crypto.Cipher.getInstance(Unknown Source)
at Base64Conversion.encrypt(Test1.java:202)
at Base64Conversion.execute(Test1.java:171)
at Test1.main(Test1.java:68)
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:228)
... 5 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
at javax.crypto.b$0.run(Unknown Source)
at java.security.AccessController.doPrivileged(AccessController.java:280)
... 8 more

Did you try to replace your policy file with Sun distr. ? IF not try this JDK 7 of Sun :
https://www.oracle.com/java/technologies/javase-jce7-downloads.html

Hi All I am new to Jmeter and while recording the HTTPS request getting error in response data.
javax.net.ssl.SSLHandshakeException: Received fatal alert: unknown_ca
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readDataRecord(Unknown Source)
at sun.security.ssl.AppInputStream.read(Unknown Source)
at java.io.BufferedInputStream.fill(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)

You need to add the Certificate (ApacheJMeterTemporaryRootCA.crt) to the trusted root folders of your browsers. Becuase Jmeter presents it's own certificate by being a proxy while you are recording, you need to tell your browser that this certificate is a trusted one.

I setup sOAPUI 4.5.1 on Windows XP. It read data file (Excel Format) from a remote server in Data Source correctly.
Now I change Windows to 7 and setup sOAPUI 4.5.1. But I have problem in reading file from remote server and exist Error az below:
"
http:\shpnt07\Support\Modernbank%20Maintenance\Shared%20Documents\محصولات%20مدرن\General\Test\Test%20Design\Functional%20Test\Test%20Data\R292\Loan\GetGuarantyList.xls (The filename, directory name, or volume label syntax is incorrect)
"
While the URL work correctly in Browser.
I try this with Disable and Enable Proxy in browser and SOAPUI.
also I try this with off Firewall and Antivirus.
When Run SoapUI the Error occur on soapui-error.log file:
2014-03-18 10:26:27,844 ERROR [errorlog] Network Error for Version Update or Proxy
2014-03-18 10:26:27,846 ERROR [errorlog] java.net.ConnectException: Connection timed out: connect
java.net.ConnectException: Connection timed out: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at sun.net.NetworkClient.doConnect(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.openServer(Unknown Source)
at sun.net.www.http.HttpClient.<init>(Unknown Source)
at sun.net.www.http.HttpClient.New(Unknown Source)
at sun.net.www.http.HttpClient.New(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getNewHttpClient(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.plainConnect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at com.eviware.soapui.support.SoapUIVersionUpdate.getLatestVersionAvailable(SoapUIVersionUpdate.java:97)
at com.eviware.soapui.support.SoapUIVersionUpdate.checkForNewVersion(SoapUIVersionUpdate.java:267)
at com.eviware.soapui.SoapUIPro$SoapUIProRunner.run(SourceFile:1805)
at com.eviware.soapui.SoapUIPro.main(SourceFile:288)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.exe4j.runtime.LauncherEngine.launch(Unknown Source)
at com.exe4j.runtime.WinLauncher.main(Unknown Source)
please Help me. This is important and I wait.

The error trace says it is having problem reaching out to soapUI server to look for the latest version of the soapUI. This could be of a proxy between you and the server.
You have two options to resolve this
Add proxy details
disable check for new version of soapUI. check the image below and leave the option unchecked.
For the excel file error can you change the محصولات%20مدرن folder name to an english name. Maybe it is not able to recognize the special characters. Also, when you give the url in soapUI are you removing %20 part?

I have a jar which is created using onejar-maven-plugin, which is meant to listen to jms messages from tibco and process accordingly. It works fine but when I sign this jar using jarsigner and try to run it, it throws the exception below:
org.apache.commons.logging.LogConfigurationException: java.lang.StackOverflowError (Caused by java.lang.StackOverflowError)
at org.apache.commons.logging.impl.LogFactoryImpl.newInstance(LogFactoryImpl.java:538)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:235)
at org.apache.commons.logging.impl.LogFactoryImpl.getInstance(LogFactoryImpl.java:209)
at org.apache.commons.logging.LogFactory.getLog(LogFactory.java:351)
at org.springframework.context.support.AbstractApplicationContext.<init>(AbstractApplicationContext.java:160)
at org.springframework.context.support.AbstractRefreshableApplicationContext.<init>(AbstractRefreshableApplicationContext.java:89)
at org.springframework.context.support.AbstractRefreshableConfigApplicationContext.<init>(AbstractRefreshableConfigApplicationContext.java:59)
at org.springframework.context.support.AbstractXmlApplicationContext.<init>(AbstractXmlApplicationContext.java:61)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:136)
at org.springframework.context.support.ClassPathXmlApplicationContext.<init>(ClassPathXmlApplicationContext.java:83)
at com.adobe.jobcloud.envoy.client.PushToPrereleaseWorker.main(PushToPrereleaseWorker.java:33)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at com.simontuffs.onejar.Boot.run(Boot.java:340)
at com.simontuffs.onejar.Boot.main(Boot.java:166)
Caused by: java.lang.StackOverflowError
at com.simontuffs.onejar.OneJarFile.getJarEntry(OneJarFile.java:43)
at java.util.jar.JarFile.getManEntry(Unknown Source)
at java.util.jar.JarFile.getManifestFromReference(Unknown Source)
at java.util.jar.JarFile.getManifest(Unknown Source)
at java.util.jar.JarFile.maybeInstantiateVerifier(Unknown Source)
at java.util.jar.JarFile.getInputStream(Unknown Source)
at com.simontuffs.onejar.OneJarFile.getJarEntry(OneJarFile.java:50)
at java.util.jar.JarFile.getManEntry(Unknown Source)
at java.util.jar.JarFile.getManifestFromReference(Unknown Source)
at java.util.jar.JarFile.getManifest(Unknown Source)
at java.util.jar.JarFile.maybeInstantiateVerifier(Unknown Source)
at java.util.jar.JarFile.getInputStream(Unknown Source)
at com.simontuffs.onejar.OneJarFile.getJarEntry(OneJarFile.java:50)
at java.util.jar.JarFile.getManEntry(Unknown Source)
at java.util.jar.JarFile.getManifestFromReference(Unknown Source)
at java.util.jar.JarFile.getManifest(Unknown Source)
Also if I use maven-jarsigner-plugin to sign it, the result is exactly same. I'm clueless and stuck up with this issue.
Any help will be appreciated.

Have you tried to increase the -Xss JVM option? To 4096k at first, then lower it until it fails again.
Working with ciphers generally maybe need more than default stack size.
For the maven jarsigner plugin you can edit .mavenrc file in your linux home directory and add these lines:
#!/bin/bash
export JAVA_HOME=/usr/lib/jvm/java-6-sun-i586 #(or another)
export M2_HOME=/usr/local/lib/apache-maven/apache-maven-3.0.4
export MAVEN_OPTS="-Xss4096k -XX:MaxPermSize=128m -Xmx384m"
I don't know how to do this under windows, but there must be similar solution (here?)